Cybercrime Ring Led by Russian 'Soldier' Steals $3.2 Million

Below:

Next story in Security

An international cybercrime gang is currently on the loose,
orchestrating attacks on major U.S. corporations and government
organizations to the tune of $3.2 million in the first six months
of the year, or $17,000 a day.

The criminal syndicate is believed to be headed by a Russian man
in his early 20s who goes by the name "Soldier," according to the
security firm Trend Micro, which has been investigating the
gang's exploits.

Soldier, Trend Micro said, deploys the
SpyEye and Zeus banking Trojans to compromise and penetrate
the servers of primarily U.S. targets, including local, state and
federal government organizations, the U.S. military, educational
and research institutions and banks, among other victims.

Soldier also has a botnet — a vast array of "zombie" computers
whose owners don't know they've been hijacked by malware — under
his control, which compromised approximately 25,394 systems
between April 19 and June 29, 2011, Trend Micro wrote.
The gang has also nabbed security credentials from companies
including Facebook, Google, eBay, Amazon, Skype, Twitter and
PayPal.

"Compromise on such a mass scale is not that unusual for
criminals using toolkits like SpyEye, but the amounts stolen and
the number of large organizations potentially impacted is cause
for serious concern," Trend Micro said.

Experts believe Soldier isn't acting alone. According to Trend
Micro, the gang's leader employs a team of
money mules as well as two main accomplices, one based in
West Hollywood, Calif., and the other in nearby Venice Beach.